<?php
	header('Content-Type:text/html;charset=UTF-8');
	require('mysql.php');
	session_start();
	if(isset($_POST['usercode'])){
		$studentid=$_POST['usercode'];
		$current=md5($_POST['currenttext']);
		$newtext=md5($_POST['newtext']);
		if ($_POST['currenttext']==''){
		$state='null';
		header("Location:../view/passwordchange.php?state=$state");
		exit();
		}elseif ($_POST['newtext']==''){
		$state='null1';
			header("Location:../view/passwordchange.php?state=$state");
			exit();
		}
		if($_SESSION['usertype']=='s'){
		echo $current;
		$sql=<<<SQL
		UPDATE studentworkinlibrary
		SET studentpass="{$newtext}"
		WHERE studentid='$studentid' and studentpass='$current'
SQL;
		}elseif ($_SESSION['usertype']=='t'){
		$sql=<<<SQL
		UPDATE teach
		SET teacherpass="{$newtext}"
		WHERE teachid='$studentid' and teacherpass='$current'
SQL;
		}
		
		$result=mysql_query($sql);
	if(mysql_affected_rows() == 1){
	$state='ok';
	echo '<script>alert("修改密码成功！");</script>';
	header("Location:../view/passwordchange.php?state=$state");
	}//ifresult	
	else {
		$state='error';
		
		header("Location:../view/passwordchange.php?state=$state");
}	
	
	}//if isset	
	mysql_free_result($result);
	mysql_close();
?>
</body>

</html>
